Sip от Дом.ру правила фаервола

[natalya]

Сегодня настраивала микротик с дом ру интернет+sip. Если не прописывать правила для фаервола, то при исходящем звонке через какой то промежуток времени собеседник не слышит звонящего. Конечно на сайте дом ру четко написано куда должен быть доступ (https://wiki.domru.biz/sip_phones), но тем не менее весьма лениво писать правила, а потому мне захотелось куда то их написать что б и мне памятка и кому то может пригодится (192.168.0.253 это ip станции телефона):

 

/
ip firewall filter
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.160/27 src-port=5060-5061
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.160/27 src-port=80
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.160/27 src-port=443
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.160/27 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.160/27 src-port=8080
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=5.3.4.160/27 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=5.3.4.160/27 src-port=5060
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.160/27 src-port=8080
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.160/27 src-port=5060-5061
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.160/27 src-port=80
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.160/27 src-port=443
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.160/27 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=188.186.156.160/27 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=188.186.156.160/27 src-port=5060
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.140 src-port=8080
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.140 src-port=5060-5061
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.140 src-port=80
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.140 src-port=443
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=5.3.4.140 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=5.3.4.140 src-port=5060
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=5.3.4.140 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.140 src-port=8080
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.140 src-port=5060-5061
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.140 src-port=80
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.140 src-port=443
add action=accept chain=forward in-interface=pppoe-out1 protocol=tcp src-address=188.186.156.140 src-port=30000-65535
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=188.186.156.140 src-port=5060
add action=accept chain=forward in-interface=pppoe-out1 protocol=udp src-address=188.186.156.140 src-port=30000-65535
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=30000-65535 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=30000-65535 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=30000-65535 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=30000-65535 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=5060-5061 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=5060-5061 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=5060-5061 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=5060-5061 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=80 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=80 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=80 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=80 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=8080 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=8080 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=8080 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=8080 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=443 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=443 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=443 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=443 out-interface=pppoe-out1 protocol=tcp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=30000-65535 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=30000-65535 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=30000-65535 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=30000-65535 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.160/27 dst-port=5060 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.160/27 dst-port=5060 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=5.3.4.140 dst-port=5060 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253
add action=accept chain=forward comment=SIP dst-address=188.186.156.140 dst-port=5060 out-interface=pppoe-out1 protocol=udp src-address=192.168.0.253

[KaNelam]

Сталкивался с таким, у меня решилосьразрешением sip

Код: Выделить всё

/ip firewall service-port enable sip

и, конечно, форвард разрешить, при наличии запрещающих правил